epicyon/blocking.py

464 lines
16 KiB
Python
Raw Normal View History

2020-03-22 20:36:19 +00:00
__filename__="blocking.py"
__author__="Bob Mottram"
__license__="AGPL3+"
__version__="1.1.0"
__maintainer__="Bob Mottram"
__email__="bob@freedombone.net"
__status__="Production"
2019-07-14 19:27:13 +00:00
import os
2019-09-09 15:53:23 +00:00
from utils import isEvil
2020-03-28 10:33:04 +00:00
from utils import evilIncarnate
2019-07-14 19:27:13 +00:00
def addGlobalBlock(baseDir: str, \
blockNickname: str,blockDomain: str) -> bool:
"""Global block which applies to all accounts
"""
blockingFilename=baseDir+'/accounts/blocking.txt'
2020-03-22 21:16:02 +00:00
if not blockNickname.startswith('#'):
2019-08-14 10:32:15 +00:00
blockHandle=blockNickname+'@'+blockDomain
if os.path.isfile(blockingFilename):
if blockHandle in open(blockingFilename).read():
return False
blockFile=open(blockingFilename, "a+")
blockFile.write(blockHandle+'\n')
blockFile.close()
else:
blockHashtag=blockNickname
if os.path.isfile(blockingFilename):
if blockHashtag+'\n' in open(blockingFilename).read():
return False
blockFile=open(blockingFilename, "a+")
blockFile.write(blockHashtag+'\n')
blockFile.close()
return True
2019-07-14 19:27:13 +00:00
def addBlock(baseDir: str,nickname: str,domain: str, \
2019-07-14 19:57:05 +00:00
blockNickname: str,blockDomain: str) -> bool:
2019-07-14 19:27:13 +00:00
"""Block the given account
"""
2019-07-17 21:40:56 +00:00
if ':' in domain:
domain=domain.split(':')[0]
2019-07-14 19:27:13 +00:00
blockingFilename=baseDir+'/accounts/'+nickname+'@'+domain+'/blocking.txt'
2019-08-13 16:11:29 +00:00
blockHandle=blockNickname+'@'+blockDomain
2019-07-14 19:27:13 +00:00
if os.path.isfile(blockingFilename):
if blockHandle in open(blockingFilename).read():
2019-07-14 19:57:05 +00:00
return False
2019-07-14 19:27:13 +00:00
blockFile=open(blockingFilename, "a+")
blockFile.write(blockHandle+'\n')
blockFile.close()
2019-07-14 19:57:05 +00:00
return True
2019-07-14 19:27:13 +00:00
def removeGlobalBlock(baseDir: str, \
unblockNickname: str, \
unblockDomain: str) -> bool:
"""Unblock the given global block
"""
unblockingFilename=baseDir+'/accounts/blocking.txt'
2020-03-22 21:16:02 +00:00
if not unblockNickname.startswith('#'):
2019-08-14 10:32:15 +00:00
unblockHandle=unblockNickname+'@'+unblockDomain
if os.path.isfile(unblockingFilename):
if unblockHandle in open(unblockingFilename).read():
with open(unblockingFilename, 'r') as fp:
with open(unblockingFilename+'.new', 'w') as fpnew:
for line in fp:
handle=line.replace('\n','')
if unblockHandle not in line:
fpnew.write(handle+'\n')
if os.path.isfile(unblockingFilename+'.new'):
os.rename(unblockingFilename+'.new',unblockingFilename)
return True
else:
unblockHashtag=unblockNickname
if os.path.isfile(unblockingFilename):
if unblockHashtag+'\n' in open(unblockingFilename).read():
with open(unblockingFilename, 'r') as fp:
with open(unblockingFilename+'.new', 'w') as fpnew:
for line in fp:
blockLine=line.replace('\n','')
if unblockHashtag not in line:
fpnew.write(blockLine+'\n')
if os.path.isfile(unblockingFilename+'.new'):
os.rename(unblockingFilename+'.new',unblockingFilename)
return True
return False
2019-07-14 19:27:13 +00:00
def removeBlock(baseDir: str,nickname: str,domain: str, \
2019-07-14 19:57:05 +00:00
unblockNickname: str,unblockDomain: str) -> bool:
2019-07-14 19:27:13 +00:00
"""Unblock the given account
"""
2019-07-17 21:40:56 +00:00
if ':' in domain:
domain=domain.split(':')[0]
2019-07-14 19:27:13 +00:00
unblockingFilename=baseDir+'/accounts/'+nickname+'@'+domain+'/blocking.txt'
2019-08-13 16:11:29 +00:00
unblockHandle=unblockNickname+'@'+unblockDomain
2019-07-14 19:27:13 +00:00
if os.path.isfile(unblockingFilename):
if unblockHandle in open(unblockingFilename).read():
with open(unblockingFilename, 'r') as fp:
with open(unblockingFilename+'.new', 'w') as fpnew:
for line in fp:
handle=line.replace('\n','')
if unblockHandle not in line:
fpnew.write(handle+'\n')
if os.path.isfile(unblockingFilename+'.new'):
os.rename(unblockingFilename+'.new',unblockingFilename)
2019-07-14 19:57:05 +00:00
return True
return False
2019-08-14 10:32:15 +00:00
def isBlockedHashtag(baseDir: str,hashtag: str) -> bool:
"""Is the given hashtag blocked?
"""
globalBlockingFilename=baseDir+'/accounts/blocking.txt'
if os.path.isfile(globalBlockingFilename):
hashtag=hashtag.strip('\n')
if hashtag+'\n' in open(globalBlockingFilename).read():
return True
return False
2020-03-28 10:33:04 +00:00
def getDomainBlocklist(baseDir: str) -> str:
"""Returns all globally blocked domains as a string
This can be used for fast matching to mitigate flooding
"""
blockedStr=''
evilDomains=evilIncarnate()
for evil in evilDomains:
blockedStr+=evil+'\n'
globalBlockingFilename=baseDir+'/accounts/blocking.txt'
if not os.path.isfile(globalBlockingFilename):
return blockedStr
with open(globalBlockingFilename, 'r') as file:
blockedStr += file.read()
return blockedStr
def isBlockedDomain(baseDir: str,domain: str) -> bool:
"""Is the given domain blocked?
"""
if isEvil(domain):
return True
globalBlockingFilename=baseDir+'/accounts/blocking.txt'
if os.path.isfile(globalBlockingFilename):
if '*@'+domain in open(globalBlockingFilename).read():
return True
return False
2019-07-14 19:27:13 +00:00
def isBlocked(baseDir: str,nickname: str,domain: str, \
blockNickname: str,blockDomain: str) -> bool:
"""Is the given nickname blocked?
"""
2019-09-09 15:53:23 +00:00
if isEvil(blockDomain):
return True
globalBlockingFilename=baseDir+'/accounts/blocking.txt'
if os.path.isfile(globalBlockingFilename):
if '*@'+blockDomain in open(globalBlockingFilename).read():
return True
2020-02-05 17:41:24 +00:00
if blockNickname:
2020-02-05 17:39:41 +00:00
blockHandle=blockNickname+'@'+blockDomain
if blockHandle in open(globalBlockingFilename).read():
return True
2019-11-03 15:27:29 +00:00
allowFilename= \
baseDir+'/accounts/'+nickname+'@'+domain+'/allowedinstances.txt'
if os.path.isfile(allowFilename):
if blockDomain not in open(allowFilename).read():
return True
2019-11-03 15:27:29 +00:00
blockingFilename= \
baseDir+'/accounts/'+nickname+'@'+domain+'/blocking.txt'
2019-07-14 19:27:13 +00:00
if os.path.isfile(blockingFilename):
2019-08-02 11:46:42 +00:00
if '*@'+blockDomain in open(blockingFilename).read():
return True
2020-02-05 17:41:24 +00:00
if blockNickname:
2020-02-05 17:39:41 +00:00
blockHandle=blockNickname+'@'+blockDomain
if blockHandle in open(blockingFilename).read():
return True
2019-07-14 19:27:13 +00:00
return False
2019-08-20 09:16:03 +00:00
def sendBlockViaServer(baseDir: str,session, \
fromNickname: str,password: str, \
2019-07-17 21:40:56 +00:00
fromDomain: str,fromPort: int, \
httpPrefix: str,blockedUrl: str, \
cachedWebfingers: {},personCache: {}, \
2019-08-14 20:12:27 +00:00
debug: bool,projectVersion: str) -> {}:
2019-07-17 21:40:56 +00:00
"""Creates a block via c2s
"""
if not session:
print('WARN: No session for sendBlockViaServer')
return 6
fromDomainFull=fromDomain
if fromPort:
if fromPort!=80 and fromPort!=443:
if ':' not in fromDomain:
fromDomainFull=fromDomain+':'+str(fromPort)
2019-07-17 21:40:56 +00:00
2019-11-03 15:27:29 +00:00
toUrl= 'https://www.w3.org/ns/activitystreams#Public'
ccUrl= \
2020-03-22 20:36:19 +00:00
httpPrefix+'://'+fromDomainFull+'/users/'+fromNickname+'/followers'
2019-07-17 21:40:56 +00:00
blockActor=httpPrefix+'://'+fromDomainFull+'/users/'+fromNickname
2020-03-22 20:36:19 +00:00
newBlockJson={
2019-08-18 11:07:06 +00:00
"@context": "https://www.w3.org/ns/activitystreams",
2019-07-17 21:40:56 +00:00
'type': 'Block',
'actor': blockActor,
'object': blockedUrl,
'to': [toUrl],
'cc': [ccUrl]
}
handle=httpPrefix+'://'+fromDomainFull+'/@'+fromNickname
# lookup the inbox for the To handle
2020-03-22 20:36:19 +00:00
wfRequest= \
webfingerHandle(session,handle,httpPrefix,cachedWebfingers, \
fromDomain,projectVersion)
2019-07-17 21:40:56 +00:00
if not wfRequest:
if debug:
print('DEBUG: announce webfinger failed for '+handle)
return 1
postToBox='outbox'
# get the actor inbox for the To handle
2020-03-22 20:36:19 +00:00
inboxUrl,pubKeyId,pubKey,fromPersonId,sharedInbox,capabilityAcquisition,avatarUrl,displayName= \
2019-08-20 09:16:03 +00:00
getPersonBox(baseDir,session,wfRequest,personCache, \
2019-10-17 15:55:05 +00:00
projectVersion,httpPrefix,fromNickname, \
fromDomain,postToBox)
2020-03-22 20:59:01 +00:00
2019-07-17 21:40:56 +00:00
if not inboxUrl:
if debug:
print('DEBUG: No '+postToBox+' was found for '+handle)
return 3
if not fromPersonId:
if debug:
print('DEBUG: No actor was found for '+handle)
return 4
2020-03-22 20:59:01 +00:00
2019-07-17 21:40:56 +00:00
authHeader=createBasicAuthHeader(fromNickname,password)
2020-03-22 20:59:01 +00:00
2020-03-22 20:36:19 +00:00
headers={
'host': fromDomain, \
'Content-type': 'application/json', \
'Authorization': authHeader
}
postResult= \
2019-07-17 21:40:56 +00:00
postJson(session,newBlockJson,[],inboxUrl,headers,"inbox:write")
if debug:
print('DEBUG: c2s POST block success')
return newBlockJson
2019-08-20 09:16:03 +00:00
def sendUndoBlockViaServer(baseDir: str,session, \
fromNickname: str,password: str, \
2019-07-17 22:09:09 +00:00
fromDomain: str,fromPort: int, \
httpPrefix: str,blockedUrl: str, \
cachedWebfingers: {},personCache: {}, \
2019-08-14 20:12:27 +00:00
debug: bool,projectVersion: str) -> {}:
2019-07-17 21:40:56 +00:00
"""Creates a block via c2s
"""
if not session:
print('WARN: No session for sendBlockViaServer')
return 6
fromDomainFull=fromDomain
if fromPort:
if fromPort!=80 and fromPort!=443:
if ':' not in fromDomain:
fromDomainFull=fromDomain+':'+str(fromPort)
2019-07-17 21:40:56 +00:00
2019-11-03 15:27:29 +00:00
toUrl= 'https://www.w3.org/ns/activitystreams#Public'
ccUrl= \
2020-03-22 20:36:19 +00:00
httpPrefix+'://'+fromDomainFull+'/users/'+fromNickname+'/followers'
2019-07-17 21:40:56 +00:00
blockActor=httpPrefix+'://'+fromDomainFull+'/users/'+fromNickname
2020-03-22 20:36:19 +00:00
newBlockJson={
2019-08-18 11:07:06 +00:00
"@context": "https://www.w3.org/ns/activitystreams",
2019-07-17 21:40:56 +00:00
'type': 'Undo',
'actor': blockActor,
'object': {
'type': 'Block',
'actor': blockActor,
'object': blockedUrl,
'to': [toUrl],
'cc': [ccUrl]
}
}
handle=httpPrefix+'://'+fromDomainFull+'/@'+fromNickname
# lookup the inbox for the To handle
2019-11-03 15:27:29 +00:00
wfRequest= \
webfingerHandle(session,handle,httpPrefix,cachedWebfingers, \
fromDomain,projectVersion)
2019-07-17 21:40:56 +00:00
if not wfRequest:
if debug:
print('DEBUG: announce webfinger failed for '+handle)
return 1
postToBox='outbox'
# get the actor inbox for the To handle
2020-03-22 20:36:19 +00:00
inboxUrl,pubKeyId,pubKey,fromPersonId,sharedInbox,capabilityAcquisition,avatarUrl,displayName= \
2019-08-20 09:16:03 +00:00
getPersonBox(baseDir,session,wfRequest,personCache, \
2019-10-17 15:55:05 +00:00
projectVersion,httpPrefix,fromNickname, \
fromDomain,postToBox)
2020-03-22 20:59:01 +00:00
2019-07-17 21:40:56 +00:00
if not inboxUrl:
if debug:
print('DEBUG: No '+postToBox+' was found for '+handle)
return 3
if not fromPersonId:
if debug:
print('DEBUG: No actor was found for '+handle)
return 4
2020-03-22 20:59:01 +00:00
2019-07-17 21:40:56 +00:00
authHeader=createBasicAuthHeader(fromNickname,password)
2020-03-22 20:59:01 +00:00
2020-03-22 20:36:19 +00:00
headers={
'host': fromDomain, \
'Content-type': 'application/json', \
'Authorization': authHeader
}
postResult= \
2019-07-17 21:40:56 +00:00
postJson(session,newBlockJson,[],inboxUrl,headers,"inbox:write")
if debug:
print('DEBUG: c2s POST block success')
return newBlockJson
def outboxBlock(baseDir: str,httpPrefix: str, \
nickname: str,domain: str,port: int, \
messageJson: {},debug: bool) -> None:
""" When a block request is received by the outbox from c2s
"""
if not messageJson.get('type'):
if debug:
print('DEBUG: block - no type')
return
if not messageJson['type']=='Block':
if debug:
print('DEBUG: not a block')
return
if not messageJson.get('object'):
if debug:
print('DEBUG: no object in block')
return
if not isinstance(messageJson['object'], str):
if debug:
print('DEBUG: block object is not string')
return
if debug:
print('DEBUG: c2s block request arrived in outbox')
messageId=messageJson['object'].replace('/activity','')
if '/statuses/' not in messageId:
if debug:
print('DEBUG: c2s block object is not a status')
return
2019-10-17 22:26:47 +00:00
if '/users/' not in messageId and \
'/channel/' not in messageId and \
'/profile/' not in messageId:
2019-07-17 21:40:56 +00:00
if debug:
print('DEBUG: c2s block object has no nickname')
return
if ':' in domain:
domain=domain.split(':')[0]
postFilename=locatePost(baseDir,nickname,domain,messageId)
if not postFilename:
if debug:
print('DEBUG: c2s block post not found in inbox or outbox')
print(messageId)
2019-09-02 09:43:43 +00:00
return
2019-07-17 21:40:56 +00:00
nicknameBlocked=getNicknameFromActor(messageJson['object'])
2019-09-02 09:43:43 +00:00
if not nicknameBlocked:
print('WARN: unable to find nickname in '+messageJson['object'])
return
2019-07-17 21:40:56 +00:00
domainBlocked,portBlocked=getDomainFromActor(messageJson['object'])
domainBlockedFull=domainBlocked
if portBlocked:
if portBlocked!=80 and portBlocked!=443:
if ':' not in domainBlocked:
domainBlockedFull=domainBlocked+':'+str(portBlocked)
2019-07-17 21:40:56 +00:00
addBlock(baseDir,nickname,domain, \
nicknameBlocked,domainBlockedFull)
2020-03-22 20:59:01 +00:00
2019-07-17 21:40:56 +00:00
if debug:
print('DEBUG: post blocked via c2s - '+postFilename)
def outboxUndoBlock(baseDir: str,httpPrefix: str, \
nickname: str,domain: str,port: int, \
messageJson: {},debug: bool) -> None:
""" When an undo block request is received by the outbox from c2s
"""
if not messageJson.get('type'):
if debug:
print('DEBUG: undo block - no type')
return
2019-07-17 21:42:30 +00:00
if not messageJson['type']=='Undo':
2019-07-17 21:40:56 +00:00
if debug:
print('DEBUG: not an undo block')
return
if not messageJson.get('object'):
if debug:
print('DEBUG: no object in undo block')
return
if not isinstance(messageJson['object'], dict):
if debug:
print('DEBUG: undo block object is not string')
return
if not messageJson['object'].get('type'):
if debug:
print('DEBUG: undo block - no type')
return
if not messageJson['object']['type']=='Block':
if debug:
print('DEBUG: not an undo block')
return
if not messageJson['object'].get('object'):
if debug:
print('DEBUG: no object in undo block')
return
if not isinstance(messageJson['object']['object'], str):
if debug:
print('DEBUG: undo block object is not string')
return
if debug:
print('DEBUG: c2s undo block request arrived in outbox')
messageId=messageJson['object']['object'].replace('/activity','')
if '/statuses/' not in messageId:
if debug:
print('DEBUG: c2s undo block object is not a status')
return
2019-10-17 22:26:47 +00:00
if '/users/' not in messageId and \
'/channel/' not in messageId and \
'/profile/' not in messageId:
2019-07-17 21:40:56 +00:00
if debug:
print('DEBUG: c2s undo block object has no nickname')
return
if ':' in domain:
domain=domain.split(':')[0]
postFilename=locatePost(baseDir,nickname,domain,messageId)
if not postFilename:
if debug:
print('DEBUG: c2s undo block post not found in inbox or outbox')
print(messageId)
2019-09-02 09:43:43 +00:00
return
2019-07-17 21:40:56 +00:00
nicknameBlocked=getNicknameFromActor(messageJson['object']['object'])
2019-09-02 09:43:43 +00:00
if not nicknameBlocked:
print('WARN: unable to find nickname in '+messageJson['object']['object'])
return
2019-07-17 21:40:56 +00:00
domainBlocked,portBlocked=getDomainFromActor(messageJson['object']['object'])
domainBlockedFull=domainBlocked
if portBlocked:
if portBlocked!=80 and portBlocked!=443:
if ':' not in domainBlocked:
domainBlockedFull=domainBlocked+':'+str(portBlocked)
2019-07-17 21:40:56 +00:00
removeBlock(baseDir,nickname,domain, \
nicknameBlocked,domainBlockedFull)
if debug:
print('DEBUG: post undo blocked via c2s - '+postFilename)